Displaying 20 results from an estimated 1000 matches similar to: "Firewall up not letting traffic through"
2012 Mar 18
4
fail2ban
Hi,
I realise that one can simply start fail2ban and then it will insert its
own ruleset before shorewall's ruleset. Are there subscribers to this
list having alternative (and probably better) ways to use both fail2ban
and shorewall?
Thanks,
Mark
2012 Mar 25
1
kvm and shorewall-init
Hello,
I'm migrating my laptop setup to a shiny new ThinkPad W520 and in the
process am getting rid of VirtualBox (marked by kernel maintainers as
"unsupportable crap" or some such) and shifting to virt-manager/kvm.
As with the old setup I am running shorewall-init exactly as the great
online documentation lays it out. BUT: with VBox it was enough to add
> net
2012 Mar 14
7
Block port 443 (https) to Facebook.com
Hi, in shorewall version 3.4.8 used this rule to block access to Facebook
through port 443 (https):
/shorewall/rules:
REJECT loc net:69.171.224.12,69.171.224.0/19,69.63.176.0/20,66.220.144.0/20 tcp 443
What I did was block the public IP network segment to fit through https.
Now I use this same rule in version 4.4 and I works already.
Has anything changed in this
2012 Mar 12
1
2 Interface router running KVM with virtual hosts
Hi list!
I would like to modernize my server at home which is still running
Shorewall 3. The server will be running CentOS 6.2 but I also want to use
KVM virtualization to run a Windows host on the same box that I can log
in to remotely.
I looked through the documentation samples on the shorewall site and found
several bridging configurations but they do not match my setup, yes it
will
2012 Mar 19
0
Shorewall 4.5.1.1
Shorewall 4.5.1.1 is now available for download.
Problems Corrected:
1) When checking or compiling for export (-e option), /sbin/shorewall
would previously issue a warning message if the SHOREWALL_SHELL
specified in the remote firewall's shorewall.conf did not exist.
2) The changes to TOS handling in 4.5.1 are incompatible with older
releases such as RHEL5 and
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm's have been modified to
2007 Sep 13
2
innov_save, what is it? why does it hurt me so?
hi,
I am using speex1.2beta2 on a TI 54x on narrow band
I have been trying to get speex to work for a while now, and it's been
a real teeter-totter ride. For a long time I noticed that I will get a
project to work and then without changing any code and programming it to
an eprom/flash the project will not work. It turns out it was a value
called innov_save. I found this bugger by zero
2011 Mar 19
6
localhost being blocked
Hi
I have shorewall/iptables running on my server (pub) but access to localhost is blocked when I attempt to use ping localhost, telnet localhost 25, echo Hello | sendmail -v root@localhost. All these commands were run after using shorewall reset and creating the attached file. All these commands work with shorewall clear.
My problem is I can't email the root messages from (pub) to
2011 Mar 10
3
multi-isp and preventing certain traffic on a given connection
I have a multi-isp configuration:
CGCO 1 256 main $CGCOIF detect track,balance br-lan,tun0
IGS 2 512 main $IGSIF detect track,fallback br-lan,tun0
where I force SMTP out one of the connections:
512:P br-lan - tcp 25
But the effect of that of course is that if IGS goes down, SMTP will
leak out of the CGCO connection. How can I prevent that?
Cheers,
b.
2011 Mar 17
2
DNAT problem
Hi All,
I use rather old Shorewall 3.2.6 and I know it's no longer supported.
I haven't been updating the software because it works as intended until now.
The problem is a simple DNAT rule. I actually have around 8 DNAT rules
and they all work just fine.
Here is what I want to achieve. I have a SMTP server in my LAN (let's say
address 192.168.1.10). The SMTP daemon listens on
2011 Mar 13
4
ipod touch, skype, and a shorewall firewall
Hi,
My firewall is a machine running Debian Squeeze with shorewall 4.4.11.6.
/etc/shorewall/policy says this:
loc $FW ACCEPT
loc loc ACCEPT
loc net ACCEPT
$FW net ACCEPT
$FW loc ACCEPT
net all DROP # info
all all REJECT
2011 Jan 20
5
Creating/Protecting a Subnet
I have an admin machine, and a backup server which does backups. The backup server has IPMI so I can do lights-out admin, and I want to allow this from the admin machine only. IPMI is completely unfirewalled, and so it must have a different class C than working networks.... this is just how it is.
I've set the IPMI IP on the backup server to 192.168.10.4, and created a virtual
2020 Oct 27
2
Azure AD Connect and the challenge of funding Samba bugs
Hi all,
An update.
On 10/26/20 10:24 PM, Andrew Bartlett wrote:
> The fact that there is a viable workaround (pass-though authentication)
> also seems to be making this harder to fix - because it remains an
> annoyance, not a deal-breaker.
Today I tried again with these ingredients:
- fresh azure tenant
- fresh installed AD (samba 4.12.8 sernet)
- an azure "custom domain
2016 Nov 11
2
azure AD Connect | passwords not syncing
That is a major bummer. :-(
Would it work any better, if I promoted our windows 2012 server to a
domain controller?
Or would that have all kinds of other side-effects..? (we're currently
running three dc's, all samba)
One side-effect I can think of: GPO's, in a mixed samba/windows DC...?
Any ideas what the requirements on the samba side would be, for samba to
be able to
2020 Oct 22
2
Azure AD Connect and replication issues
just small update:
- idfix tool (Directory Synchronization Error Remediation Tool /
https://github.com/microsoft/idfix) shows just small issues like
empty/missing displayName attrib in some of objects which I have
corrected and no more issues present at all.
- no errors from AAD connect event viewer: final log message is
"Scheduler::SchedulerThreadMain : Completed configured scheduler
2020 Oct 21
2
Azure AD Connect and replication issues
Hi Michal,
Seems we are doing similar things at the moment: getting samba to work
with azure AD.
We also see the high CPU usage on the DC that the Azure AD Connect
server connected to. Between 70 - 100 percent in our case.
We are not seeing any replication issues after azure AD Connect, and I
have a script that automatically checks replication every few minutes.
I was the one reporting the
2023 Mar 11
2
Azure AD Sync support in 4.18.0
On 3/11/23 04:33, Andrew Bartlett via samba wrote:
> On Fri, 2023-03-10 at 13:06 -0800, Ray Klassen via samba wrote:
>> I'm very interested in this. Can one of the devs elaborate on what has been
>> accomplished with this? Specifically, I'd like to know if the support is
>> bidirectional -- can azure change passwords in samba ad?
>
> No, I just fixed the issue
2016 Nov 11
4
azure AD Connect | passwords not syncing
Hi,
We setup the microsoft azure AD Connect on a windows 2012 server, to
start using (testing) office 365 in the future. We're running a samba
4.4.4 AD.
This all worked, in the portal.office.com admin section we can see that:
> Company Name COMPANY
> Domains verified 2
> Domains not verified 1
> Directory sync enabled true
> Last directory sync last synced 3
2020 Oct 21
3
Azure AD Connect and replication issues
hello
our AD domain is hosted by two samba AD domain controllers version 4.12.6
- replication between controllers is fine, no problems.
- no schema errors.
- no database errors, all fine.
- no CPU utilizations
- without noticeable bandwidth utilization
Recently we have deployed Azure AD connector on dedicated windows system
(system is domain member server). since this deployment we are observing